Note: this was introduced in a recent change and it’s not backward
compatible, take into account that saved sessions won’t be able to login
because the backend string stored in session (like backends.TwitterBackend)
won’t match the new paths.

The application will try to import custom backends from the sources defined in:

These are needed to ensure a better django-auth integration, in other case
login_required won’t be usable. A warning is displayed if any of these are
missing. By default auth.User is used.

Check example application for implementation details, but first, please take
a look to User Profiles, it might be what you were looking for.

Signals

A pre_update signal is sent when user data is about to be updated with new
values from authorization service provider, this apply to new users and already
existent ones. This is useful to update custom user fields or User Profiles,
for example, to store user gender, location, etc. Example:

New data updating is made automatically but could be disabled and left only to
signal handler if this setting value is set to True:

SOCIAL_AUTH_CHANGE_SIGNAL_ONLY = False

Take into account that when defining a custom User model and declaring signal
handler in models.py, the imports and handler definition must be made after
the custom User model is defined or circular imports issues will be raised.

OpenId

OpenId support is simpler to implement than OAuth. Google and Yahoo
providers are supported by default, others are supported by POST method
providing endpoint URL.

OAuth

OAuth communication demands a set of keys exchange to validate the client
authenticity prior to user approbation. Twitter, Facebook and Orkut
facilitates these keys by application registration, Google works the same,
but provides the option for unregistered applications.

Check next sections for details.

Twitter

Twitter offers per application keys named “Consumer Key” and
“Consumer Secret”. To enable Twitter these two keys are needed.
Further documentation at Twitter development resources:

Google OAuth

Google provides “Consumer Key” and “Consumer Secret” keys to
registered applications, but also allows unregistered application to
use their authorization system with, but beware that this method
will display a security banner to the user telling that the application
is not trusted.